A genuine looking email is sent to a company’s accounts payable department with instructions from its president to pay money to a certain account. The “To” and “From” headers and the signature block look identical to hundreds of emails previously received by the department from the company’s president. In reliance on the email, money is wired to the designated account. It later turns out the email was fake and the company’s money was wired to a fraudster’s account.
In another scenario, the company’s accounts payable department receives an email purportedly from a trusted vendor. The email looks genuine, even down to the vendor’s logo. In the email, the vendor states that it has changed its bank account and directs the company to make future payments to its new account. The company wires the money to the new account and later discovers that the money didn’t go the vendor. It went instead to a fraudster who had impersonated the vendor.
Both of these scenarios fall under the category of “email spoofing”, which refers to a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source. Otherwise known as business email compromise this technique is used to dupe employees into moving money into a fake account.
According to the FBI, $43 billion in losses were sustained due to business email compromise between 2016 and 2021. This is a growing type of cybercrime that generates billions in losses every year. Companies that have been defrauded by these schemes ought to look at their crime policies, which typically have some or all of the following coverage grants:
Social engineering coverage. Many crime policies cover losses arising from so-called social engineering, which means the intentional misleading of someone within the insured company by someone impersonating a vendor or executive at the company. The challenge with this form of coverage is that losses are often subject to a lower limit (a “sublimit”) than the other forms of coverage in a crime policy.
Computer fraud coverage. Particular attention should be paid to how a policy’s computer fraud coverage is defined. Some policies require that there be a “fraudulent entry of data into a computer system and change to data elements or program logic of a computer system.” This requirement may be met for losses arising from the first scenario – i.e., where a subordinate wires money in reliance on an authentic looking email from a corporate officer. In this regard, court cases have held that a third party’s entry into and manipulation of a company’s email system, in order to generate a genuine looking email, will be covered under this formulation.
Other policies define computer fraud in broader language. These policies cover losses arising from the use of a computer to fraudulently cause the transfer of funds from the company to a person or entity outside the company. This wording would cover losses arising from the second scenario – i.e., where the company sends funds in reliance on a genuine looking email purportedly from a vendor.
Funds transfer coverage. This is a narrower form of coverage. It covers losses from fraudulent instructions that are transmitted in the insured’s name to a financial institution directing that the insured’s funds be transferred to an outside account. Unlike the two scenarios above, this form of coverage typically does not cover transfers initiated by the company’s instructions to a financial institution, even if that instruction was fraudulently procured by a third party.
Forgery coverage. This covers losses arising from the forged signature of an authorized signator on a financial instrument such as checks, drafts and promissory notes. Coverage under the forgery grant for losses arising from the two scenarios above is unlikely, although there is at least one case which has held that a fake instruction from a company’s president, as used in the first scenario, may trigger coverage under this grant.
The take-away is very simple. Financial losses arising from this kind of email fraud may in fact be covered under a company’s crime policy, but policy wording is always key. And, given how widespread this kind of email fraud has become, companies ought to make sure that they have the right kind of insurance coverage to protect against these losses.
This article was originally published in Today's General Counsel.
This publication is published by the law firm of Ervin Cohen & Jessup LLP. The publication is intended to present an overview of current legal trends; no article should be construed as representing advice on specific, individual legal matters. Articles may be reprinted with permission and acknowledgment. ECJ is a registered service mark of Ervin Cohen & Jessup LLP. All rights reserved.
- Partner
Peter S. Selvin, Chair of ECJ's Insurance Coverage and Recovery Department, is a business trial lawyer with more than 30 years of experience. While he specializes in the areas of insurance coverage and international litigation, his ...
Subscribe
Recent Posts
- “Prejudice” No Longer an Element to Determine Waiver of Right to Compel Arbitration | By: Jared W. Slater
- California Minimum Wage Increases for 2025 | By: Kelly O. Scott
- New Law Prohibits Discrimination on the Basis of Possessing a Driver's License | By: Tanner Hosfield
- LA City Council Approves $30 Minimum Wage for Hotel and LAX Workers | By: Pooja Nair
- New Law Mandates That Employees Can No Longer Be Required to Use Vacation Before Receiving Paid Family Leave Benefits | By: Tanner Hosfield
- Employer Alert: New Whistleblower Poster Required | By: Joanne Warriner
- New Law Expands Posting Requirements Regarding Workers’ Compensation Rights | By: Cate A. Veeneman
- Entertainment Vendors Must Certify Safety Training for Employees By: Jared W. Slater
- California Employers Prohibited from Mandatory Religious or Political Meetings | By: Jared W. Slater
- California Expands Reach Of Crown Act to Prevent Discrimination Based On Natural and Protective Hairstyles | By: Cate A. Veeneman
Blogs
Contributors
Archives
- December 2024
- November 2024
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- March 2019
- February 2019
- January 2019
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014